Thu, 22 Jan 2015 13:21:57 +0100
Incorporate requested changes from Mozilla in review:
https://bugzilla.mozilla.org/show_bug.cgi?id=1123480#c6
1 /* This Source Code Form is subject to the terms of the Mozilla Public
2 * License, v. 2.0. If a copy of the MPL was not distributed with this
3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
5 #ifndef _NSNSSCERTTRUST_H_
6 #define _NSNSSCERTTRUST_H_
8 #include "certt.h"
9 #include "certdb.h"
11 /*
12 * nsNSSCertTrust
13 *
14 * Class for maintaining trust flags for an NSS certificate.
15 */
/*
 * Wraps a single CERTCertTrust value (mTrust) and offers helpers to read and
 * change its trust flags.  The constructor arguments and the "x,y,z" strings
 * quoted below list the usages in the order SSL, e-mail, object signing.
 *
 * NOTE(review): none of the query methods is declared const, so they cannot
 * be called through a const reference although their names read as pure
 * lookups.
 */
class nsNSSCertTrust
{
public:
  /* Initial flag values are chosen by the implementation, which is not
   * visible in this header. */
  nsNSSCertTrust();

  /* One unsigned flag word per usage; presumably stored as given - confirm
   * against the implementation. */
  nsNSSCertTrust(unsigned int ssl, unsigned int email, unsigned int objsign);

  /* NOTE(review): this single-argument constructor is not explicit, so a
   * CERTCertTrust* converts implicitly to nsNSSCertTrust.  Whether a null
   * pointer is accepted cannot be told from this header - confirm. */
  nsNSSCertTrust(CERTCertTrust *t);

  virtual ~nsNSSCertTrust();

  /* query */
  bool HasAnyCA();
  bool HasAnyUser();

  /* Each check* argument selects whether that usage takes part in the test;
   * by default all three do.  Whether every selected usage must carry the
   * flag, or one is enough, is decided in the implementation - confirm
   * before relying on a result for a trust decision. */
  bool HasCA(bool checkSSL = true, bool checkEmail = true, bool checkObjSign = true);
  bool HasPeer(bool checkSSL = true, bool checkEmail = true, bool checkObjSign = true);
  bool HasUser(bool checkSSL = true, bool checkEmail = true, bool checkObjSign = true);
  bool HasTrustedCA(bool checkSSL = true, bool checkEmail = true, bool checkObjSign = true);
  bool HasTrustedPeer(bool checkSSL = true, bool checkEmail = true, bool checkObjSign = true);

  /* common defaults: each applies one preset to the usages named in its
   * string.  The presets with three non-empty fields affect SSL, e-mail and
   * object signing at once, so use the per-usage setters further down when
   * only one usage should change. */

  /* equivalent to "c,c,c" */
  void SetValidCA();

  /* equivalent to "C,C,C" */
  void SetTrustedServerCA();

  /* equivalent to "CT,CT,CT" */
  void SetTrustedCA();

  /* equivalent to "p,," */
  void SetValidServerPeer();

  /* equivalent to "p,p,p" */
  void SetValidPeer();

  /* equivalent to "P,P,P" */
  void SetTrustedPeer();

  /* equivalent to "u,u,u" */
  void SetUser();

  /* general setters: one per usage.  The seven booleans correspond, in
   * order, to the flag letters "p, P, c, C, T, u, w". */
  void SetSSLTrust(bool peer, bool tPeer, bool ca, bool tCA, bool tClientCA, bool user, bool warn);
  void SetEmailTrust(bool peer, bool tPeer, bool ca, bool tCA, bool tClientCA, bool user, bool warn);
  void SetObjSignTrust(bool peer, bool tPeer, bool ca, bool tCA, bool tClientCA, bool user, bool warn);

  /* set c <--> CT, for the usages whose argument is true (presumably; the
   * exact flag change is in the implementation). */
  void AddCATrust(bool ssl, bool email, bool objSign);

  /* set p <--> P, for the usages whose argument is true (presumably; the
   * exact flag change is in the implementation). */
  void AddPeerTrust(bool ssl, bool email, bool objSign);

  /* Returns the address of the member mTrust itself, not a copy.  The
   * pointer is non-const, so a caller can rewrite the trust flags without
   * going through the setters above, and it is only valid while this object
   * is alive.  (The original author's open question: const? shallow?) */
  CERTCertTrust * GetTrust()
  {
    return &mTrust;
  }

private:
  /* Low-level helpers working on one flag word at a time.  addTrust and
   * removeTrust take the word by pointer, hasTrust by value. */
  void addTrust(unsigned int *t, unsigned int v);
  void removeTrust(unsigned int *t, unsigned int v);
  bool hasTrust(unsigned int t, unsigned int v);

  /* The trust record all public methods operate on. */
  CERTCertTrust mTrust;
};
88 #endif